Renew letsencrypt certbot certificate


#1

Hi,
I’m the owner of a website that uses letsencrypt to manage the https connection.
I tried to renew my certificate, but when I digit:

certbot renew

I have this error:

Incorrect validation certificate for tls-sni-01 challenge.

My website is hosted on a ubuntu server 14.04 machine with apache as web server. Can you help me? Thanks!

EDIT:

I put here a screenshot that can help:


#2

Hi. Could you provide more information, particularly the rest of the error message (what certificate was it?) and more about your setup?

Is the site using a CDN/load balancer/reverse proxy (such as Cloudflare or Nginx)? What about the configuration has changed recently?

Edit: Also, is Certbot using the --apache plugin or --standalone?


Please fill out the fields below so we can help you better.

My domain is:

I ran this command: certbot renew

It produced this output:

My web server is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#3

No, I’m not using reverse proxy and the configuration is not changed recently.
I followed this guide to install ssl certificate:

The information:

My domain is: unishare.it

I ran this command: certbot renew

It produced this output: the output is very long, but the important part is “Incorrect validation certificate for tls-sni-01 challenge.”

My web server is (include version): apache2

My hosting provider, if applicable, is: digital ocean

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no, I manage my site by terminal


#4

Do you have more than one virtual host defined in a single configuration file within /etc/apache2?


#5

How can I understand if I have multiple vhost? I have to see in apache2.conf? If yes, where exactly?


#6

The question applies to any file that you have there that defines virtual hosts. However, you could find all of them rapidly with

grep -ir VirtualHost /etc/apache2


#7

#8

Thanks, and what version of Certbot are you running?


#9

How can I find this information?


#10

Just run:

certbot --version

#11

The version is 0.17.0


#12

@schoen any help? please


#13

I’m a little unsure about what to anticipate the problem is; maybe @bmw can help you better here.


#14

can you paste the full log rather than just the error message as it may lead to identifying the root cause


#15

Can you provide us with
apache2ctl -S
output? Maybe you have mixed VirtualHost declaration with *:port and ip:port
e.g.: *:443 and x.y.w.z:443
That will be exposed by issuing apache2ctl -S


#16

@mauriziomarini @ahaw021 maybe this image can help:


#17

I don’t see any virtualhost, in your screenshot


#18

Mmm very strange. How can I setup virtual hosts?


#19

www.google.com

setup virtual host apache

sorry to be blunt but we live in an awesome world where the guide for everything is just a google away.

Andrei


#20

@ahaw021 I know google and I followed, many months ago, this guide.

with these results:

https://imgur.com/zA3L0A8

https://imgur.com/8Q3ze7L

https://imgur.com/tPsMeC8

https://imgur.com/LNZTEMf